Network Security Learning （ Qianfeng network security notes ）4– User management and server remote management

User management

One . Server system version introduction

windows Server system ：win2000 win2003 win2008 win2012

linux Server system ：Redhat Centos （ Open source , Fewer vulnerabilities ）

Two . User management

1. After each user logs in to the system , Have different operation permissions .

Each account has its own unique SID（ Security identifier ）

S-1-5-21-54515184553183351-153512-500

System ID： S-1-5-21-54515184553183351-153512

user UID：500

windows The rules ：Administrator：500, Other new users from 1000 Start

Different users have different permissions , Give permissions to different accounts , That is, for different accounts SID Grant authority

Account password storage location ：c:\windows\system32\config\SAM （ The hash algorithm ） # Brute force

windows On the system , The default password is valid for up to 42 God （ You can modify it yourself ）

2. Built in account

Accounts for people to use ：

administrator # Administrator account

guest # Guest account （ Very low permissions ）

The system account number related to the computer service component

system # System accounts == Highest authority

local services # Local service account == Permissions are equal to ordinary users

network services # Network service account == Permissions are equal to ordinary users

3. The configuration file

Each user has his own profile （ Home directory ）, Automatically generated when the user logs in for the first time , route ：

win7/win2008 c:\ user \

xp/win2003 c:\Documents and Settings\

net user / To view the user

net user user name / View user details

net user user name 123456 Directly change the password to 123456, Only administrators can use

net user abc 123 /add A new user abc, The password for 123

net user abc /del Delete abc

net user user name /active:yes /no Activate or disable the account

3、 ... and . Group management

1. Group concept

The role of the group ： Simplify the authorization

Authorization method ：

1） user — Group — Grant authority

2） user — Grant authority

2. Built in groups

The permission of built-in group has been given by the system by default

A user can join multiple groups

1)administrators     # Administrators group 
2)guests             # guests 
3)users              # Common user groups , All new users belong to this group by default 
4)network            # Network configuration group 
5)print              # Printer group 
6)Remote Desktop     # Remote desktop group 

net localgroup View the list of groups

net localgroup Group name View members of this group

net localgroup Group name /add Create a new group

net localgroup Group name user name /add Add a user to the group

net localgroup Group name user name /del Kick users out of the group

net localgroup Group name /del Delete the group

Server remote management

Remote management type

One . Remote desktop （ graphics ）

step ：
1. First, configure the network , And realize that the client and server can communicate with each other .
2. The server is turned on to allow remote control ： Right click desktop properties – Remote settings – Choose to allow – determine .
3. On the client ： Start – function – Input mstsc Open the remote connection tool .
4. stay mstsc Enter the name of the server on the tool IP And click OK .
5. Enter the account and password of the server .

Be careful ： If you use a non administrator account to log in remotely , Users need to be added to the remote desktop built-in group on the server Remote Desktop Users in .

Two .telnet（ Command line ）

The main command ：telnet The goal is IP

Service management window ：services.msc

Enable （ Automatically ）Telnet – Add to TelnetClients Group

View all open ports on this computer netstat -an

telnet：23

Remote Desktop Protocol RDP：3389